The ransomware threat is a top-of-mind issue for so many organizations; however, few feel totally prepared for an attack. Without an industry reference architecture or blueprint for ransomware protection, organizations are building their own strategies and processes to respond. But with ransomware protection included with so many different security and data protection solutions, many are confused about the scope of what is to be included, who is responsible for the implementation, and who needs to be involved in the conversation.
In order to connect the dots between those organizations that feel most prepared and the specific strategies and plans they are using to get there, with an eye on defining best practices, ESG surveyed 620 IT and cybersecurity professionals personally involved with the technology and processes associated with protecting against ransomware attacks at midmarket (100 to 999 employees) and enterprise (1,000 or more employees) organizations in North America (US and Canada) and Western Europe (UK, France, and Germany).
An important line of defense in the ransomware era is what I call 'protecting the protector'...That means ensuring backup data isn’t vulnerable to corruption. Air-gapping is an important consideration here, which means using technologies like data vaults or tape that can easily put data offline from the main network and outside world. It’s unfortunate that only 30% of organizations have deployed this type of solution today.”
Christophe Bertrand
ESG Senior Analyst & Practice Director
Ransomware data restoration is not as straightforward as a “normal” recovery, and it may be hard to plan for all possible scenarios given the many types of attacks.
Making matters more precarious, 87% of organizations are concerned that their data backup copies themselves could become infected or corrupted by ransomware attacks.
Click to view noteworthy data points from the survey and their concise analysis.
Ransomware is its own economy, comprising the cryptocurrency payments that criminals extort, the ransomware software traded on the dark web, the defense technology sold by vendors, and even the cyber insurance policies organizations take out to protect themselves. Any IT organization that thinks they can confront this massive issue with standard security practices of the past could find themselves sorely mistaken and, perhaps, the subject of future news headlines.”
Dave Gruber
ESG Principal Analyst
In order to connect the dots between those organizations that feel most prepared and the specific strategies and plans they are using to get there, with an eye on defining best practices, ESG surveyed 620 IT and cybersecurity professionals personally involved with the technology and processes associated with protecting against ransomware attacks at midmarket and enterprise organizations in North America and Western Europe.
Fill out the form to contact a friendly ESG team member about:
ESG, a division of TechTarget
275 Grove Street, Suite 1-150
Newton, MA 02466
508.482.0188
